Please critique my upload script.
Moderator: General Moderators
Re: Please critique my upload script.
You need an absolute path to read the file, and it still looks like someone can cause your script to echo JS
- social_experiment
- DevNet Master
- Posts: 2793
- Joined: Sun Feb 15, 2009 11:08 am
- Location: .za
Re: Please critique my upload script.
I tried entering <script>alert("XSS")</script> in my url as suggested via another comment but it doesn't alert the message. How can i improve the script to stop any JS code from being echoed?and it still looks like someone can cause your script to echo JS
“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.” - Mosher’s Law of Software Engineering